Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Win64/sirefef A and AO detected [Solved]

TessSteckleXam

Posted 02 October 2012 - 07:02 PM

TessSteckleXam

Member

Member

11 posts

Hello and thank you in advance for any help given.
About a month ago I started getting IE pop-ups on my desktop while my computer was idle. Since I never use IE as my browser and only use Mozilla Firefox, I downloaded Avast and it detected various viruses including Win64/ Sirefef[A] and [AO]. Avast wasn't able to delete Sirefef and every 5 minutes it would state that Sirefef was detected in my recycler folder and stopped. I downloaded and used TDSSKILLER and it was able to get find things that Avast missed but still I'm infected with Sirefef. My firewall and automatic updates have been disabled and I'm getting pop-ups on websites that I've never had a problem with. I uninstalled Avast and installed Webroot Secure Anywhere which states that OTL.exe is infected and won't allow me to run it. Help!

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Double click on ComboFix.exe & follow the prompts.

Accept the disclaimer and allow to update if it asks

When finished, it shall produce a log for you.

Please include the C:\ComboFix.txt in your next reply.

Notes:1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

TessSteckleXam

Posted 03 October 2012 - 08:19 PM

TessSteckleXam

Member

Topic Starter

Member

11 posts

I'd like to thank you for working on my computer issues. I followed your instructions but I came across a few problems. 1 the combofix instructed me to download a system restore console and although you didn't mention it I accepted the request so that it would continue. 2 the OTL didn't produce an Xtra log file. So I don't screw this up any further I will await your instruction.

Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.